Table of Contents
Java Security Model �and Signing Code��Spring 99
Java Security Model
The Java Security Model
Sandbox mechanism
What can applets do - I?
What can applets do - II?
What can applets do - III?
The Byte Code Verifier
Byte Code Verification
Why is type checking important!
Applet Class Loader
Going beyond the Sandbox: History of Java Security Models
Going beyond the Sandbox-2
Going beyond the Sandbox-3
JDK 1.2 Security Model
JAVA Fine-grained Access Control-1
JAVA Fine-grained Access Control-2
JAVA Fine-grained Access Control-3
JAVA Fine-grained Access Control-4
JAVA Fine-grained Access Control-5
JAVA Fine-grained Access Control-6
JAVA Fine-grained Access Control-7
Java Security-Related Tools
How to sign Java Code
Signing Classes with the Netscape Object Signing Tool
Netscape Object Signing Tool -2
Netscape Object Signing Tool -3
Signing Java Applets with Microsoft's Authenticode
Microsoft's Authenticode 2
Signing Code with Sun's JDK 1.1.x
Signing Code with Sun's JDK 1.1.x-2
Signing Code with Sun's JDK 1.1.x-3
Browsing Signed Applets
The Java Authentication Framework
The Java Authentication Framework-2
Signing Code with Sun's Java 2
Signing Code with Sun's Java 2-II
Signing Code with Sun's Java 2-III
Signing Code with Sun's Java 2-IV
Some Comparisons of Sign Tools
Some Comparisons of Sign Tools - 2
JavaScript Security Model
JavaScript Security Issues
Same Origin Policy
Signed Script Policy-1
Signed Script Policy-2
Signed Script Policy-3
Codebase Principals-1
Codebase Principals-2
Scripts Signed by Different Principals
Principals of Windows and Layers
Determining Container Principals
Identifying Signed Scripts
Using Expanded Privileges
Targets
Targets-2
Importing and Exporting Functions
Weaknesses in the JavaScript Model
Signing Scripts
Signing Scripts-2
Signing Scripts-3
Signing Scripts-4
|